const express = require('express');
const reviewController = require('./../controllers/reviewController');
const authController = require('./../controllers/authController');

const router = express.Router({ mergeParams: true });
// P0ST /tour/234fad4/reviews
// GET /tour/234fad4/reviews
//GET /tour/234fad4/reviews/94887fda
router.use(authController.protect);

// router.route('/').post(reviewController.createReview);
router.route('/').get(reviewController.getAllReviews).post(
  // authController.restrictTo('user'),
  reviewController.setTourUserId,
  reviewController.createReview
);
router
  .route('/:id')
  .get(reviewController.getReview)
  .patch(
    // authController.restrictTo('user', 'admin'),
    reviewController.updateReview
  )
  .delete(
    // authController.restrictTo('user', 'admin'),
    reviewController.deleteReview
  );
module.exports = router;
